15 matches found
Mozilla: Add-On updates did not respect the same certificate trust rules as software updates
The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...
Mozilla: Add-On updates did not respect the same certificate trust rules as software updates
The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...
openSUSE Security Update : MozillaThunderbird (openSUSE-2020-982)
This update for MozillaThunderbird to version 68.10.0 ESR fixes the following issues : - CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 bsc1173576. - CVE-2020-12418: Information disclosure due to manipulated URL object bsc1173576. - CVE-2020-12419:...
OPENSUSE-SU-2020:0982-1 Security update for MozillaThunderbird
This update for MozillaThunderbird to version 68.10.0 ESR fixes the following issues: - CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 bsc1173576. - CVE-2020-12418: Information disclosure due to manipulated URL object bsc1173576. - CVE-2020-12419:...
Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20200716)
Security Fixes : - Mozilla: Information disclosure due to manipulated URL object CVE-2020-12418 - Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12419 - Mozilla: Use-After-Free when trying to connect to a STUN server CVE-2020-12420 - Mozilla: Add-On updates did not respect the same...
Mozilla: Add-On updates did not respect the same certificate trust rules as software updates
The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...
Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20200714)
Security Fixes : - Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 CVE-2020-12417 - Mozilla: Information disclosure due to manipulated URL object CVE-2020-12418 - Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12419 - Mozilla: Use-After-Free when trying to...
Mozilla: Add-On updates did not respect the same certificate trust rules as software updates
The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...
Mozilla: Add-On updates did not respect the same certificate trust rules as software updates
The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
CentOS 6 : firefox (RHSA-2020:2824)
The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2824 advisory. - Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This...
Mozilla: Add-On updates did not respect the same certificate trust rules as software updates
The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...
Mozilla: Add-On updates did not respect the same certificate trust rules as software updates
The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Multiple Mozilla Products Trust Management Issues Vulnerabilities
Mozilla Firefox and others are products of the Mozilla Foundation in the U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of e-mail client software separate from the Mozilla Application...